Privacy & cookies policy
Hamleys of London Limited are committed to protecting and respecting your privacy.
We're giving you this information as part of our initiative to comply with recent legislation, and to make sure we're honest and clear about your privacy when using our website.
For the purpose of the Data Protection Act and the General Data Protection Regulation 2016/679 (the Acts), the data controller is Hamleys of London Limited of 6th Floor, 2 Fouberts Place, London, W1F 7PA.
Personal data we may collect from you
We may collect and process your data when you visit our site and when you use our site to make a purchase.
When you visit and use our website, you consent to our obtaining and processing the following information about you:
- Location data and online identifiers, including details of your visit to our site and the resources you access;
- Information about your computer, including your IP address, operating system, and browser.
- Cookies, and other information about your general internet usage.
This information is used for system administration and to ensure your experience is fully optimised. It is statistical, aggregated information and does not identify any specific individual. We may provide reports making use of this information to our advertisers.
In providing us with information through our website, you also consent to our processing this data and using it for the purposes specified by you. This may include:
- Information you provide by filling in forms on our site www.hamleys.com, including information you provide when registering an account with us, subscribing to any of our services, posting material, contacting us, or entering into a competition or promotion.
- When you write to us, we may retain a copy of your correspondence and contact details.
When you make a purchase through our site, we must necessarily obtain and process the following data in order to fulfil your order with us:
- Your name, address, billing information, and contact details.
- A record of your transactions with us and your purchase history.
Cookies are tiny text files stored on your computer when you visit certain web pages. These pieces of information are used to improve the services we provide to you.
We do have relationships with carefully-selected suppliers who may also set cookies during your visit.
- Google Maps. [Cookie name: NNID PREF]
You can manage these small files and learn more about them from the article, Internet Browser cookies- what they are and how to manage them.
Learn how to remove cookies set on your device.
We process personal data relating to those who apply for job vacancies with us or who send speculative job applications to us. We do this for employment purposes, to assist us in the selection of candidates for employment, and to assist in the running of the business. The personal data may include identifiers such as name, date of birth, personal characteristics such as gender, qualifications and previous employment history.
We will not share any identifiable information about you with third parties without your consent unless the law allows or requires us to do so. The personal data provided during an application process will be retained for a period of at least six months or, if required by law, for as long as is required.
This privacy notice does not form part of an employment offer or contract between us. If we make an employment offer to you, we will provide further information about our handling of your personal information in an employment context separately.
Where we store your personal data
The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA").
It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services.
All information you provide to us is stored on our suppliers secure servers. Any payment transactions will be encrypted [using SSL technology]. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Unfortunately, the transmission of information via the internet is not completely secure. We will use reasonable endeavours to protect your personal data, but we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
How long we store your personal data for
We store your personal data in accordance with our data retention policy. This policy is reviewed and updated internally to ensure we do not store your data for longer than is necessary. We also review how and where we store any data to ensure that we meet our obligation to store data securely.
In addition, some of the data we hold may be subject to certain legal and regulatory obligations, which provide a minimum retention period for different types of data. The retention period varies depending on the data we hold.
How we use your personal data
We use information held about you in the following ways:
- To ensure that content from our site is presented in the most effective manner for you and for your computer.
- To provide you with information, products or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes.
- To carry out our obligations arising from any contracts entered into between you and us.
- To allow you to participate in interactive features of our service, when you choose to do so.
- To notify you about changes to our service.
If you are an existing customer, we may use your data to contact you about similar products or services by text or email, unless you tell us otherwise. You may opt-out of these messages by:
- Opting out of marketing communications at the time of purchase.
- Clicking the unsubscribe link (and following the unsubscribe process) contained in any of our marketing communications.
- Emailing email@example.com.
Disclosure of your personal data
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If Hamleys of London Limited or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
You have the following rights regarding our use of your personal data:
- You can access any of your data held by us.
- You can correct any inaccurate data we hold.
- You can ask us to erase any of your data held by us.
- You can restrict the types of data we hold.
- You can object to our processing any of your personal data.
- You can ask that your data be copied or transferred to a third party.
You can exercise any of the above rights by emailing firstname.lastname@example.org.
You can exercise your right to prevent such processing by checking certain boxes in the preference centre, and even where you have consented to our processing of your personal data, you can withdraw your consent at any time by emailing email@example.com.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
If you wish to make a complaint regarding our use of your personal data, please email firstname.lastname@example.org. If you are unhappy with the way in which we have handled your complaint, you may escalate your complaint to the Information Commissioners Office (ICO) by visiting www.ico.org.uk/concerns/ or calling 0303 123 1113.
Hamleys ICO registration number is Z6094151.